﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Text.RegularExpressions;

/// <summary>
/// Summary description for DatabaseConnection
/// </summary>
public class CommonManager
{
    public CommonManager()
	{
		//
		// TODO: Add constructor logic here
		//
	}

    public static Int32 GetAge(DateTime dateOfBirth)
    {
        var today = DateTime.Today;

        var a = (today.Year * 100 + today.Month) * 100 + today.Day;
        var b = (dateOfBirth.Year * 100 + dateOfBirth.Month) * 100 + dateOfBirth.Day;

        return (a - b) / 10000;
    }

    public static String DateReformation(string Date)
    {
      
        string datePaid = Date;
        if (Date.Contains("-"))
        {
            datePaid = Date.Split('-')[2] + "-" + Date.Split('-')[1] + "-" + Date.Split('-')[0];
        }
        else if (Date.Contains("/"))
        {
            datePaid = Date.Split('/')[2] + "-" + Date.Split('/')[1] + "-" + Date.Split('/')[0];
        }

        return datePaid;
    }

    public static string isInjection(string field)
    {
        if(
            field.Contains("=")
            || field.Contains("--")
            || field.Contains(";")
            || field.Contains("''")
            || field.ToUpper().Contains("DROP ")
            || field.ToUpper().Contains("DELETE ")
            || field.ToUpper().Contains("UPDATE ")
            || field.ToUpper().Contains("CREATE ")
            || field.ToUpper().Contains("SELECT ")
            || field.ToUpper().Contains("INSERT ")
            //|| field.ToUpper().Contains(" AND ")
            || field.ToUpper().Contains(" OR ")
            || field.ToUpper().Contains("1=1")
            || field.ToUpper().Trim().Contains("1 = 1")
            || field.ToUpper().Trim().Contains("'1'='1'")
            )
        //if (!Regex.IsMatch(field, @"^(?=.*[a-z])(?=.*[A-Z]).{8,10}$"))
            throw new FormatException("SQL Injection");

        return field;
    }


}